PUBLIC KEY CERTIFICATE

  CERTIFICATE VERSION NO.
  CERTIFICATE AUTHORITY (CA) SERIAL NUMBER
  SIGNATURE ALGORITHM AND PARAMETERS
  CERTIFICATE AUTHORITY (CA) NAME
  CERTIFICATE VALIDITY
  USER ID
  USER PUBLIC KEY

  CERTIFICATE AUTHORITY (CA) PRIVATE KEY
  ENTIRE MESSAGE
  DIGITAL SIGNATURE

RSA CERTIFICATE AUTHORITY (RSA-CA)        ECDSA CERTIFICATE AUTHORITY (ECDSA-CA)
RSA REGISTRATION AUTHORITY (RSA-RA)       ECDSA REGISTRATION AUTHORITY (ECDSA-RA)
RSA END ENTITY (RSA-EE)                   ECDSA END ENTITY (ECDSA-EE)

EXAMPLE OF CERTIFICATE FORMAT (BASED ON X.509 V3)

Version 1

ITEMS: version
DESCRIPTION: VERSION OF CERTIFICATE FORMAT
SETTINGS WITH THIS IA: V3

ITEMS: serial Number
DESCRIPTION: CERTIFICATE SERIAL NUMBER FURNISHED BY IA
SETTINGS WITH THIS IA: SEQUENTIAL SERIAL NUMBER

ITEMS: signature algorithm Identifier
  algorithm
  parameters
DESCRIPTION: CERTIFICATE SIGNATURE ALGORITHM AND PARAMETERS
SETTINGS WITH THIS IA:
  • ELLIPTIC CURVE CRYPTOGRAPHY OR RSA
  • PARAMETERS IN THE CASE OF ELLIPTIC CURVE CRYPTOGRAPHY
  • KEY LENGTH IN THE CASE OF RSA

ITEMS: issuer
DESCRIPTION: IA NAME (DISTINGUISHED NAME FORMAT)
SETTINGS WITH THIS IA: NAME OF THIS IA

ITEMS: validity
  notBefore
  notAfter
DESCRIPTION: VALIDITY OF CERTIFICATE
  • STARTING DATE AND TIME
  • ENDING DATE AND TIME
SETTINGS WITH THIS IA: -

ITEMS: subject
DESCRIPTION: USER IDENTIFICATION NAME
SETTINGS WITH THIS IA: USER DEVICE ID OR SERVICE ENTITY ID

ITEMS: subject Public Key Info
  algorithm
  subject Public key
DESCRIPTION: USER'S PUBLIC KEY INFORMATION
  • KEY ALGORITHM
  • PUBLIC KEY
SETTINGS WITH THIS IA:
  • ELLIPTIC CURVE CRYPTOGRAPHY OR RSA
  • USER'S PUBLIC KEY

Version 3

ITEMS: authority Key Identifier
  key Identifier
  authority Cert Issuer
  authority Cert Serial Number
DESCRIPTION:
  • KEY IDENTIFIER FOR SIGNATURE VERIFICATION BY IA
  • KEY ID NUMBER (OCTAL)
  • IA NAME (GENERAL NAME FORMAT)
  • CERTIFICATE SERIAL NUMBER
SETTINGS WITH THIS IA: -

ITEMS: subject key Identifier
DESCRIPTION: APPLICABLE WHERE MULTIPLE KEYS NEED TO BE CERTIFIED
SETTINGS WITH THIS IA: NOT USED

ITEMS: key usage
  (0) digital Signature
  (1) non Repudiation
  (2) key Encipherment
  (3) data Encipherment
  (4) key Agreement
  (5) key CertSign
  (6) cRL Sign
DESCRIPTION: THE PURPOSE OF KEY USAGE IS DESIGNATED
  (0) FOR DIGITAL SIGNATURE
  (1) FOR REPUDIATION PREVENTION
  (2) FOR KEY ENCRYPTION
  (3) FOR MESSAGE ENCRYPTION
  (4) FOR DISTRIBUTION OF COMMON KEY
  (5) FOR VERIFICATION OF SIGNATURE ON CERTIFICATE
  (6) FOR VERIFICATION OF SIGNATURE ON CERTIFICATE REVOCATION LIST
SETTINGS WITH THIS IA: USAGE (0), (1), (4) AND (6) APPLY

ITEMS: private Key Usage Period
  notBefore
  notAfter
DESCRIPTION: USAGE PERIOD OF USER'S PRIVATE KEY
SETTINGS WITH THIS IA: USAGE PERIOD OF CERTIFICATE = USAGE PERIOD OF PUBLIC KEY = USAGE PERIOD OF PRIVATE KEY (DEFAULT)

ITEMS: policy Mappings
  issuer Domain Policy
  subject Domain Policy
DESCRIPTION: NECESSARY ONLY WHEN CA IS CERTIFIED. AN ISSUER DOMAIN POLICY AND A SUBJECT DOMAIN POLICY ARE DEFINED.
SETTINGS WITH THIS IA: NONE BY DEFAULT

ITEMS: supported Algorithms
  algorithm Identifier
  intended Usage
  intended Certificate Policies
DESCRIPTION: ATTRIBUTES OF THE DIRECTORY (DIR) ARE DEFINED. WHEN THE OPPOSITE PARTY OF COMMUNICATION IS TO USE DIRECTORY INFORMATION, THAT PARTY IS INFORMED OF THE DIRECTORY ATTRIBUTES IN ADVANCE.
SETTINGS WITH THIS IA: NONE BY DEFAULT

ITEMS: subject Alt Name
DESCRIPTION: USER'S ALTERNATIVE NAME (GENERAL NAME FORMAT).
SETTINGS WITH THIS IA: NOT USED

ITEMS: issuer Alt Name
DESCRIPTION: THIS FIELD IS INCLUDED (NONE BY DEFAULT).
SETTINGS WITH THIS IA: NONE BY DEFAULT

ITEMS: subject Directory Attributes
DESCRIPTION: USER'S ANY ATTRIBUTES.
SETTINGS WITH THIS IA: NOT USED

ITEMS: basic Constraints
  cA
  path Len Constraint
DESCRIPTION: THIS FIELD SPECIFIES WHETHER THE PUBLIC KEY SUBJECT TO CERTIFICATION IS TO BE SIGNED BY THE CERTIFICATE AUTHORITY (CA) OR USED BY THE USER.
SETTINGS WITH THIS IA: USED BY USER BY DEFAULT

ITEMS: name Constraints
  permitted Subtrees
    base
    minimum
    maximum
  excluded Subtrees
DESCRIPTION: USED ONLY WHEN THE SUBJECT IS CA (CA CERTIFICATION).
SETTINGS WITH THIS IA: NONE BY DEFAULT

ITEMS: policy Constraints
  require Explicit Policy
  inhibit Policy Mapping
DESCRIPTION: DESCRIBED HERE ARE CONSTRAINTS REQUIRING EXPLICIT POLICY IDs AND INHIBIT POLICY MAPPING FOR THE REMAINING CERTIFICATION PATHS.
SETTINGS WITH THIS IA: -

ITEMS: CRL Distribution Points
DESCRIPTION: DESCRIBED HERE ARE POINTS AT WHICH THE USER REFERENCES THE CERTIFICATE REVOCATION LIST (CRL) TO SEE WHETHER THE CERTIFICATE IS REVOKED.
SETTINGS WITH THIS IA: THESE POINTS SERVE AS POINTERS INDICATING WHERE THE CERTIFICATE IS REGISTERED. THE CERTIFICATE REVOCATION LIST IS MANAGED BY THE ISSUER.

ITEMS: SIGNATURE
DESCRIPTION: ISSUER'S SIGNATURE

S1  LET p BE CHARACTERISTIC, AND a, b BE COEFFICIENTS OF ELLIPTIC CURVE. DEFINE ELLIPTIC CURVE BY y^2 = x^3 + ax + b. LET G BE BASE POINT OF CURVE; r BE ORDER OF G; M BE MESSAGE; Ks BE PRIVATE KEY; AND G, Ks x G BE PUBLIC KEY.
S2  CALCULATE f = Hash(M)
S3  GET RANDOM NUMBER GENERATOR TO GENERATE u (0 < u < r)
S4  CALCULATE V = u x G = (Xv, Yv)
S5  CALCULATE c = Xv mod r
S6  c = 0 ?  (YES / NO)
S7  CALCULATE d = [(f + cKs) / u] mod r
S8  d = 0 ?  (YES / NO)
S9  LET SIGNATURE DATA BE (c, d)

S11  LET p BE CHARACTERISTIC, AND a, b BE COEFFICIENTS OF ELLIPTIC CURVE. DEFINE ELLIPTIC CURVE BY y^2 = x^3 + ax + b. LET G BE BASE POINT OF CURVE; r BE ORDER OF G; M BE MESSAGE; (c, d) BE SIGNATURE; AND G, Ks x G BE PUBLIC KEY.
S12  0 < c < r AND 0 < d < r ?  (NO / YES)
S13  CALCULATE f = Hash(M)
S14  CALCULATE h = 1/d mod r
S15  CALCULATE h1 = fh mod r AND h2 = ch mod r
S16  CALCULATE POINT P = (Xp, Yp) = h1 x G + h2 · Ks x G
S17  IS P INFINITE POINT ?  (YES / NO)
S18  DOES c = Xp mod r HOLD ?  (NO / YES)
S19  SIGNATURE VALID
S20  SIGNATURE INVALID

GENERATION OF KEYS FOR RSA CRYPTOSYSTEM

S21  SELECT PRIME NUMBERS p AND q (OF ABOUT 150 DIGITS EACH)
S22  CALCULATE n = pq
S23  CALCULATE L = (p-1)(q-1)
S24  SELECT POSITIVE INTEGER e LESS THAN n AND NOT SHARING COMMON FACTOR WITH L AND LET (n, e) BE PUBLIC KEY
S25  FIND POSITIVE INTEGER d LESS THAN L AND SATISFYING de = 1 mod L AND LET (p, q, d) BE PRIVATE KEY

RSA SIGNATURE GENERATION PROCESS

APPLY HASH FUNCTION h TO PLAIN TEXT MESSAGE M: m = h(M)
S = m^d mod n

RSA SIGNATURE VERIFICATION PROCESS

APPLY HASH FUNCTION h TO PLAIN TEXT MESSAGE M: m = h(M)
m = S^e mod n ?  (YES / NO)
SIGNATURE VALID
SIGNATURE INVALID
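
Steps S21 to S25 and the two RSA signature flowcharts above, as an added example (not code from the original document). The function names, SHA-256 reduced mod n as the hash h, and the small primes used to exercise it are assumptions of this example; it signs m directly as the flowchart does, whereas deployed RSA signatures apply a padding scheme such as PSS to m first.

```python
import hashlib
from math import gcd

def keygen(p, q, e):
    """S21-S25 for caller-supplied primes p, q and public exponent e."""
    n = p * q                                    # S22
    L = (p - 1) * (q - 1)                        # S23
    if not (0 < e < n) or gcd(e, L) != 1:        # S24: e shares no factor with L
        raise ValueError("e must be positive, below n and coprime to L")
    d = pow(e, -1, L)                            # S25: d*e = 1 mod L, 0 < d < L
    return (n, e), (p, q, d)

def h(M, n):
    """m = h(M); SHA-256 reduced mod n stands in for the page's hash function."""
    return int.from_bytes(hashlib.sha256(M).digest(), "big") % n

def sign(m, private, n):
    """Signature generation: S = m^d mod n."""
    _, _, d = private
    return pow(m, d, n)

def verify(m, S, public):
    """Signature verification: does m = S^e mod n hold?"""
    n, e = public
    return 0 <= S < n and pow(S, e, n) == m % n
```

With the constructed primes 61 and 53 and e = 17, `keygen` returns the public key (3233, 17) and the private key (61, 53, 2753); e = 15 is rejected at S24 because it shares a factor with L = 3120.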